FRAG

RANSOMWARE

Confirmed CVEs (1)

Exploited by this group as confirmed by threat intelligence sources.

CVE-2024-40711 CRITICAL Veeam Backup and Recovery 9.8

Predicted CVEs (39) CORRELATION

How does prediction work?

Predicted CVEs are identified through automated correlation using multiple sources: vendor/product profiles historically targeted by the group (MITRE ATT&CK), attack chain patterns (KEV + TTPs), threat intelligence (MISP, STIX), and AI analysis. These CVEs have not been confirmed as exploited by this specific group, but have a high probability of being targets based on the actor's operational profile.

CVE-2025-20337 CRITICAL Cisco Identity Services Engine Software low 10.0 CVE-2020-2021 CRITICAL Palo Alto Networks PAN-OS predicted 10.0 CVE-2024-3400 CRITICAL Palo Alto Networks PAN-OS predicted 10.0 CVE-2024-36401 CRITICAL geoserver low 9.8 CVE-2025-3248 CRITICAL langflow-ai langflow low 9.8 CVE-2025-53770 CRITICAL Microsoft SharePoint Enterprise Server 2016 low 9.8 CVE-2024-4577 CRITICAL PHP Group PHP low 9.8 CVE-2025-3248 CRITICAL langflow-ai langflow predicted 9.8 CVE-2025-22457 CRITICAL Ivanti Connect Secure low 9.8 CVE-2025-31324 CRITICAL SAP_SE SAP NetWeaver (Visual Composer development server) low 9.8 CVE-2024-40766 CRITICAL SonicWall SonicOS low 9.8 CVE-2024-40766 CRITICAL SonicWall SonicOS predicted 9.8 CVE-2025-53770 CRITICAL Microsoft SharePoint Enterprise Server 2016 predicted 9.8 CVE-2022-26501 CRITICAL Veeam Backup & Replication predicted 9.8 CVE-2024-40711 CRITICAL Veeam Backup and Recovery predicted 9.8 CVE-2023-22515 CRITICAL Atlassian Confluence Data Center predicted 9.8 CVE-2023-22527 CRITICAL Atlassian Confluence Data Center predicted 9.8 CVE-2023-22518 CRITICAL Atlassian Confluence Data Center predicted 9.8 CVE-2024-0012 CRITICAL Palo Alto Networks Cloud NGFW predicted 9.8 CVE-2023-46604 CRITICAL Apache Software Foundation Apache ActiveMQ predicted 9.8 CVE-2025-31324 CRITICAL SAP_SE SAP NetWeaver (Visual Composer development server) predicted 9.8 CVE-2023-22527 CRITICAL Atlassian Confluence Data Center low 9.8 CVE-2024-0012 CRITICAL Palo Alto Networks Cloud NGFW low 9.8 CVE-2023-46604 CRITICAL Apache Software Foundation Apache ActiveMQ low 9.8 CVE-2024-50603 CRITICAL Aviatrix Controller low 9.8 CVE-2024-4577 CRITICAL PHP Group PHP predicted 9.8 CVE-2025-22457 CRITICAL Ivanti Connect Secure predicted 9.8 CVE-2024-53704 CRITICAL SonicWall SonicOS predicted 9.8 CVE-2025-0282 CRITICAL Ivanti Connect Secure predicted 9.0 CVE-2025-49704 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 8.8 CVE-2022-26500 HIGH Veeam Backup & Replication predicted 8.8 CVE-2025-4428 HIGH Ivanti Endpoint Manager Mobile low 8.8 CVE-2025-4427 HIGH Ivanti Endpoint Manager Mobile low 7.5 CVE-2025-5777 HIGH NetScaler ADC low 7.5 CVE-2023-27532 HIGH Veeam Backup & Replication predicted 7.5 CVE-2025-5777 HIGH NetScaler ADC predicted 7.5 CVE-2024-9474 HIGH Palo Alto Networks Cloud NGFW predicted 7.2 CVE-2024-38094 HIGH Microsoft SharePoint Enterprise Server 2016 predicted 7.2 CVE-2025-49706 MEDIUM Microsoft SharePoint Enterprise Server 2016 predicted 6.5